Managed Security Services
Home » Our Services » Security » Managed Security Services
At CT Group, we have a highly experienced team of security engineers that include
strategic consultants and hands-on specialists. They have extensive knowledge and
expertise in cybersecurity, making them a mature and highly accredited security
team. They can provide a wide range of security solutions and work with some of the
best vendors in Australia to design, implement, and maintain tailored security
measures to protect your business.
We have conducted numerous security assessments and developed a proven model
that can strengthen your organisation's resilience, incident response, and recovery
capabilities. By leveraging our expertise and experience, we can help you improve
your cyber security posture and protect your business from cyber threats. We offer
three Managed Security Packages that allows our clients the level of cyber safety
based on their size, specific needs and budget allowance.
All our packages are priced up individually due to most of the products being based
on a per user or per device structure, which varies significantly from one business to
another.
Basic Security Package
PACKAGE INCLUSIONS- EDR (1 Per User With Excess Billed Per Device)
- RMM (Asset Inventory) (Per Device)
- Cloud Email And Collaboration Security (Per User)
- Multi-Factor Authentication (Per User)
- Device Encryption (Per User)
- DKIM Deployment
- Essential 8 Compliant
- Vulnerability Management (Per Device)
- Security Awareness Training (Per User)
- Automated Phishing Simulation (Per User)
- Dark Web Monitoring (Per User)
- Security Policy Documentation Templates
- Annual Security Presentation And Report
- Managed Detection And Response (Per Device)
- Security Information And Event Management (SIEM)
- DNS Filtering (Per User)
- Password Manager (Per User)
- DMARC Deployment And Management
- DLP Deployment For M365 Suite
- Continuous Microsoft Secure Score Review And Improvements
- Quarterly Security Presentation And Report
- Annual External Penetration Testing
Essential Security Package
PACKAGE INCLUSIONS- EDR (1 Per User With Excess Billed Per Device)
- RMM (Asset Inventory) (Per Device)
- Cloud Email And Collaboration Security (Per User)
- Multi-Factor Authentication (Per User)
- Device Encryption (Per User)
- DKIM Deployment
- Essential 8 Compliant
- Vulnerability Management (Per Device)
- Security Awareness Training (Per User)
- Automated Phishing Simulation (Per User)
- Dark Web Monitoring (Per User)
- Security Policy Documentation Templates
- Annual Security Presentation And Report
- Managed Detection And Response (Per Device)
- Security Information And Event Management (SIEM)
- DNS Filtering (Per User)
- Password Manager (Per User)
- DMARC Deployment And Management
- DLP Deployment For M365 Suite
- Continuous Microsoft Secure Score Review And Improvements
- Quarterly Security Presentation And Report
- Annual External Penetration Testing
Advanced Security Package
PACKAGE INCLUSIONS- EDR (1 Per User With Excess Billed Per Device)
- RMM (Asset Inventory) (Per Device)
- Cloud Email And Collaboration Security (Per User)
- Multi-Factor Authentication (Per User)
- Device Encryption (Per User)
- DKIM Deployment
- Essential 8 Compliant
- Vulnerability Management (Per Device)
- Security Awareness Training (Per User)
- Automated Phishing Simulation (Per User)
- Dark Web Monitoring (Per User)
- Security Policy Documentation Templates
- Annual Security Presentation And Report
- Managed Detection And Response (Per Device)
- Security Information And Event Management (SIEM)
- DNS Filtering (Per User)
- Password Manager (Per User)
- DMARC Deployment And Management
- DLP Deployment For M365 Suite
- Continuous Microsoft Secure Score Review And Improvements
- Quarterly Security Presentation And Report
- Annual External Penetration Testing
Security Package Add Ons
Whilst our Basic and Essential packages don’t include all of the products in the
Advance package, we do offer add on products that will allow us to tailor your security
solutions to your business needs.
There are two particular add ons that we would recommend: Cyber Awareness Security Training and DNS Filtering.
Cyber threats are evolving at a rapid pace and whilst many organisations are investing heavily in cyber technologies, criminals are recognising that through deceiving staff, they can bypass the most sophisticated defences. By tricking employees through tactics, such as phishing, criminals are proving that a human is the weakest link in security. With our Security Awareness Training, we can provide your staff with the skills to make safer decisions (for themselves and for your organisation) and fortify cyber security from the inside out.
DNS Filtering is becoming a crucial product for businesses that offer hybrid and work from home options for their staff, allowing protection of the actual device they are working from.
There are two particular add ons that we would recommend: Cyber Awareness Security Training and DNS Filtering.
Cyber threats are evolving at a rapid pace and whilst many organisations are investing heavily in cyber technologies, criminals are recognising that through deceiving staff, they can bypass the most sophisticated defences. By tricking employees through tactics, such as phishing, criminals are proving that a human is the weakest link in security. With our Security Awareness Training, we can provide your staff with the skills to make safer decisions (for themselves and for your organisation) and fortify cyber security from the inside out.
DNS Filtering is becoming a crucial product for businesses that offer hybrid and work from home options for their staff, allowing protection of the actual device they are working from.
Add Ons
Security Awareness Training (Per User)
Bespoke Security Document Template Creation At Request
DNS Filtering (Per User)
Annual External Penetration Testing Conducted By Independent Third-party With Remediation Of Any Findings Undertaken By CT Group Within Two Weeks Of Report Being Received
Managed Detection And Response (Per Device)
Endpoint Detection and Response (EDR) is a cybersecurity approach that focuses on
detecting and investigating security incidents on endpoints like desktops, laptops and
servers. EDR solutions collect and analyse endpoint data, network traffic, and user behaviour
to detect anomalous activities that could indicate a security breach. EDR solutions are
designed to provide real-time threat intelligence, automated incident response, and
forensic investigation capabilities. EDR tools allow security teams to detect and respond to
advanced threats quickly and efficiently, minimizing the risk of data breaches and other
cybersecurity incidents.
Our remote monitoring and management tool is essential for visibility of the devices within
your network. Our RMM platform is set to run continuous discovery jobs to ensure that an up
to date IT asset inventory exists for all devices that can communicate over the network and
thus act as a potential source of vulnerability which forms a critical part of your security
posture. Our RMM tool is also responsible for the efficient patching of applications and
operating systems in the network.
Our API-based cloud email and collaboration security tool uses AI to protect cloud email and
collaboration suites from cyber attacks that evade default and advanced security tools.
Unlike spam filters, which only protect incoming email, our cloud email and collaboration
security tool protects everything, securing email in all directions (internal, external,
outgoing). This offers complete protection against all threats, including insider ones.
Multi-factor authentication (MFA) is an essential security measure that helps protect your
accounts and data from unauthorized access. MFA provides an additional layer of security by
requiring users to verify their identity using two or more factors before granting access to
their accounts.
Having MFA in place is crucial in today's digital landscape, where cyber attacks and data breaches are becoming more frequent and sophisticated. With MFA, even if an attacker has your password, they won't be able to access your account without the additional authentication factor.
Where available, CT Group will also configure geo-blocking restrictions in tandem with Multi-Factor Authentication to further harden the authentication process.
Having MFA in place is crucial in today's digital landscape, where cyber attacks and data breaches are becoming more frequent and sophisticated. With MFA, even if an attacker has your password, they won't be able to access your account without the additional authentication factor.
Where available, CT Group will also configure geo-blocking restrictions in tandem with Multi-Factor Authentication to further harden the authentication process.
Device encryption is a powerful security measure that helps protect your sensitive data in
case your device falls into the wrong hands. With device encryption, all the information on
your device is scrambled and can only be accessed by someone who has the right password
or decryption key. Our device encryption technology ensures that your important data is
safe and secure, giving you peace of mind when you’re on the go. It’s an essential security
feature for anyone who works with confidential information, from business professionals to
students and anyone who wants to keep their personal data secure.
DKIM (DomainKeys Identified Mail) is an essential security tool used to protect email
communication. It works by adding a digital signature to each email message, which verifies
that the message was sent from a legitimate source and has not been altered during
transmission. This is important because without DKIM, malicious individuals can easily
impersonate a sender's email address and send fraudulent messages to unsuspecting
recipients. DKIM helps to prevent these types of attacks and ensures that email
communication remains secure and reliable.
Deploying the ACSC Essential Eight is critical for businesses and organisations that take
cybersecurity seriously. The Essential Eight is a set of strategies developed by the Australian
Cyber Security Centre (ACSC) that provides a practical framework for mitigating cyber
threats and reducing the likelihood of successful cyber attacks.
By deploying the Essential Eight, you can significantly improve your organisation's cybersecurity posture and protect against a range of common cyber threats, including ransomware, phishing, and malware attacks. The Essential Eight comprises eight mitigation strategies that are considered essential for any organisation that wants to strengthen its cybersecurity defences:
By implementing these strategies, you can prevent cybercriminals from exploiting known vulnerabilities in your organisation's systems, reduce the risk of unauthorised access, and ensure that your critical data is protected from loss or theft. Deploying the Essential Eight is an essential step towards creating a robust and resilient cybersecurity posture that can help your organisation withstand even the most sophisticated cyber attacks. With our expert guidance, you can implement these strategies quickly and effectively, ensuring that your organisation stays protected from cyber threats at all times.
By deploying the Essential Eight, you can significantly improve your organisation's cybersecurity posture and protect against a range of common cyber threats, including ransomware, phishing, and malware attacks. The Essential Eight comprises eight mitigation strategies that are considered essential for any organisation that wants to strengthen its cybersecurity defences:
- Application whitelisting
- Patching applications
- Configuring Microsoft Office macro settings
- User application hardening
- Restricting administrative privileges
- Patching operating systems
- Multi-factor authentication
- Daily backups
By implementing these strategies, you can prevent cybercriminals from exploiting known vulnerabilities in your organisation's systems, reduce the risk of unauthorised access, and ensure that your critical data is protected from loss or theft. Deploying the Essential Eight is an essential step towards creating a robust and resilient cybersecurity posture that can help your organisation withstand even the most sophisticated cyber attacks. With our expert guidance, you can implement these strategies quickly and effectively, ensuring that your organisation stays protected from cyber threats at all times.
Vulnerability management is a critical component of any organisation's cybersecurity
strategy, as it helps identify, assess, and mitigate security vulnerabilities before they can be
exploited by cybercriminals. By regularly scanning and patching vulnerabilities in your
systems and applications, you can significantly reduce the risk of cyber attacks and protect
your organisation's sensitive data. Vulnerability management also helps you comply with
regulatory requirements and industry standards, demonstrating your commitment to
cybersecurity best practices and ensuring that your organisation stays one step ahead of
emerging threats.
Security awareness training is essential to ensure that employees understand the
importance of cybersecurity and their role in protecting their organisation's sensitive
information and assets. By educating employees about the latest cyber threats, phishing
attacks, and social engineering tactics, organisations can significantly reduce the risk of
human error-based security breaches. Security awareness training also helps employees
recognize potential threats and respond appropriately, ensuring that cyber incidents are
detected and reported promptly. Ultimately, security awareness training is an investment in
your organisation's overall cybersecurity posture, as it helps build a culture of security
awareness and empowers employees to be active participants in protecting their
organisation's data and assets
Phishing simulation is an essential security practice that helps individuals and organisations
identify and prevent phishing attacks. Phishing is a type of cyber attack where a fraudster
impersonates a trustworthy entity to trick the victim into divulging sensitive information or
clicking on a malicious link. Phishing simulation involves sending simulated phishing emails
to employees or individuals to test their awareness and response to such attacks. By doing
so, organisations can train their employees to recognize and report suspicious emails,
ultimately reducing the risk of a successful phishing attack.
Dark web monitoring of user passwords is an essential security measure that helps
organisations detect and mitigate potential data breaches originating from the dark web.
Cybercriminals often sell or trade stolen user credentials on the dark web, allowing attackers
to gain unauthorised access to sensitive information and systems. By monitoring the dark
web for mentions of user passwords, organisations can quickly identify potential data
breaches and take action to mitigate the risks. Dark web monitoring of user passwords also
helps organisations proactively educate employees on the importance of strong password
hygiene and implement password policies that require regular changes and the use of
complex, unique passwords. Ultimately, dark web monitoring of user passwords is an
essential component of any comprehensive cybersecurity strategy, helping organisations
protect their sensitive information and assets from the growing threat of cybercrime and
data breaches.
CT Group will provide you with the following security-related policy documentation
templates for you to update as relevant to your firm to satisfy various compliance
requirements.
- Information Security Policy
- Acceptable Use Policy
- Incident Response Plan
- Disaster Response Plan
- Business Continuity Plan
- Password Policy
A member of our security team, alongside your dedicated managed services team leader,
will meet with you to provide an updated overview of the security solution, highlighting the
goals, objective and scope of each service being provided. It will provide an update on the
current threat landscape and detail what security controls are in place to mitigate against it.
The results of the risk assessment of the business alongside a specific human risk
assessment report will be presented to highlight any areas or particular staff members that
require attention or training.